The concept of web sites that allow you to check to see if your data were caught up in a hack and data dump really took off after Troy Hunt opened HaveIBeenPwned.com. Now there’s a site that allows you to check to see if your data were caught up in the Qatar National Bank (QNB) data…
Cyber Caliphate posts details of 3,600 New Yorkers online: “We want them #Dead”
Samhati Bhattacharjya reports: A group of hackers linked to the Islamic State have released a hit list of thousands of New York residents and have urged the militant group’s followers to target them. The target list was reportedly posted with an announcement saying “We want them #Dead” on encrypted messaging app Telegram. NBC New York…
Federal contractor with cybersecurity ties notifies employees after W-2 info acquired by targeted phishing
I’ve continued to add entities to my list of firms or entities where employee W-2 information was successfully phished by emails purporting to be from an entity’s executive. One notification I read this morning made me cringe because the firm that was successfully phished has contracts with the government involving mission critical systems for U.S. and coalition…
Vibrant Body Wellness notifies patients after burglar steals hardware with PHI
Seen on Vibrant Body Wellness: We were robbed! Literally. Yes, it’s sad but true — our office at Vibrant Body Wellness was broken into during the weekend of March 5th to March 8th. Things were stolen and no one was physically injured. We are grateful for that, and have been sorting through the violation and…
Is ransomware considered a health data breach under HIPAA?
Back in March, I blogged about the question as to whether a ransomware attack needed to be reported to HHS as a HIPAA breach. In that post, I quoted an HHS spokesperson who informed DataBreaches.net that a ransomware situation was an impermissible disclosure (because the attacker had access to the data even if the data weren’t…
Some Users of InnerChef Had Info Hacked and Leaked
Siriam Sharma reports: An anonymous hacker has been able to infiltrate food delivery startup InnerChef‘s servers, and has leaked a partial list of names, phone numbers, and email addresses used at registration to demonstrate the exploit. Gadgets 360 confirmed the data breach by calling and verifying three of the phone numbers provided in the list…